search

OpenFactorioServerManager / factorio-server-manager

A tool to help manage Factorio multiplayer servers including mods and save games.
MIT License
541 stars 129 forks source link

Reverse proxy with SWAG #390

Closed GasPoweredTomato closed 1 month ago

GasPoweredTomato commented 1 month ago

Does anyone have advice on how to reverse proxy this with swag? I am using auto proxy, when I add the swag enable label and add a cname to cloudflare, it does not work.

Mattie112 commented 1 month ago

What do you want to do and what settings do you use? Do you want to forward the web interface? Or game traffic? I don't use SWAG but without some information it is hard to help :)

GasPoweredTomato commented 1 month ago

I just want fsm to be accessible outside my network, but now that I think about it. I suppose the server would also be reverse proxied. I don't mind my friends connecting with my ip:port but onetime the server crashed and I wasn't around so I wanted to give them access to start it. The easier method would probably be tailscale.

mroote commented 1 month ago

Tailscale or some other VPN option would be preferred here versus opening public access.

Mattie112 commented 1 month ago

Why? As long as you have some access control I don't see the benefits of a VPN (for this case). I mean giving someone more direct access by using a VPN could be a bigger risk than having it open on the internet. But hey that is my opinion :)

@GasPoweredTomato It is all on what you prefer. You can have factorio accessed by ip/port, you can have the webinterface accessed by ip/port or any mix of those. But This is more of a SWAG question then a FSM question. I can try to help but then I need more details.

My flow would be to first ignore the whole cloudflare part. Just make sure that you can access what you need via the reverse proxy. Or go a back another step and try the ip:port first. Then you can determine where it is breaking.

GasPoweredTomato commented 1 month ago

I found a working fsm.subdomain.conf config for swag. I'll post it here for future reference.

server { listen 443 ssl; listen [::]:443 ssl;

server_name fsm.*;

include /config/nginx/ssl.conf;

client_max_body_size 0;

location / { include /config/nginx/proxy.conf; resolver 127.0.0.11 valid=30s; set $upstream_app fsm; set $upstream_port 80; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; proxy_set_header Range $http_range; proxy_set_header If-Range $http_if_range;

} }